Events Webhook
Our Events Webhook lets you stay up to date with Cord activity in your app. Choose which events you want to receive and where we should send them to. Run your own analytics, integrate with tools like Slack, or even build your own AI chatbot assistant...
Tell us what events to send and where #
You can select which events to receive and where we should send them on the Cord Console. Log in to your application and go to the Events tab.
When you give us your Events Webhook endpoint, we will attempt to verify the URL before saving it to your application. You can also set your endpoint via REST API.
Verify incoming events #
To make sure that requests hitting your endpoint are really from Cord, verify the incoming request's signature using your app secret.
Each request has a X-Cord-Signature header set which you should be able to match with a signature you create from the incoming event, using a HMAC-SHA256 keyed hash and your application's secret.
import { createHmac } from 'crypto';
const cordTimestamp = req.header('X-Cord-Timestamp');
const cordSignature = req.header('X-Cord-Signature');
const bodyString = JSON.stringify(req.body);
const verifyStr = cordTimestamp + ':' + bodyString;
const hmac = createHmac('sha256', <YOUR_CORD_APPLICATION_SIGNING_SECRET>);
hmac.update(verifyStr);
const incomingSignature = hmac.digest('base64');
if (cordSignature !== incomingSignature) {
throw new Error("Unable to verify signature")
} else {
// process event
}Event Structure #
All events have the following common properties at the top level of the payload:
Events #
Detailed information about each available event and its specific body:
- thread-message-added
- A new Cord message was added
- notification-created
- A new Cord notification was created
- url-verification
- Verifies ownership of an events webhook URL